Emerging Cyber Threats for 2012 - Slide 15

Advanced Persistent Threats

With such high stakes, critical infrastructure must remain highly alert with multiple layers of defense and constant user education.

“In the military, you’re taught that in a defensive position, you have a three-to-one advantage over an attacker,” said Greg Conti, associate professor of computer science at West Point. “But in security, it’s the opposite. The attacker has nearly a thousand-to-one advantage. We have to assume that a determined adversary can overcome the defender, it is just a matter of how long it will take.”

Unfortunately, end users tend to be the most common and hard-to-remediate weak point, and even security researchers struggle to address the problem. “You can’t patch users,” said Conti. “And there’s always a human being somewhere behind the security technology.”

One source working in critical infrastructure agrees, “People are always the most vulnerable part of the IT infrastructure,” he said. “We have so many security layers and defenses, from separating physical control systems from the standard business network, to DMZs, to limiting network protocols that communicate with physical systems, and securing all the primary UIs to the Internet. At the end of the day, there’s a person on the end of all that security that can make decisions that will have an impact.”

In the past year, we have witnessed cyber attacks of unprecedented sophistication and reach. These attacks demonstrate that malicious actors have the ability to com­promise and control millions of computers that belong to governments, private enterprises and ordinary citizens. If we are going to prevent motivated adversaries from attack­ing our systems, stealing our data and harming our critical infrastructure, the broader community of security research­ers — including academia, the private sector and govern­ment — must work together to understand emerging threats and to develop proactive security solutions to safeguard the Internet and physical infrastructure that relies on it.

More

Slideshows

:

Top Eight Features in Windows Server 8 Windows Server 8 is a technically sophisticated operating system that is crammed with features that bring many previously enterprise-only capabilities to small and mid-sized businesses.